[c-nsp] ICMP Packet too big attack
Paul Cosgrove
paul.cosgrove at heanet.ie
Sat May 10 08:19:54 EDT 2008
Hi Alaerte,
The attack is intended to force PMTUD to lower the outgoing packet size.
This increases fragmentation of outgoing packets and thus load on the
processor. Cisco IOS was modified to mitigate against, but not prevent,
such attacks. I think the change was just to delay the response to such
packets. Forget in which versions this was first implemented in but
think it was about 18 months ago.
Paul.
alaerte.vidali at nsn.com wrote:
>
> Hi,
>
> Have you heard about attacks trying to explore generation of packet too
> big ICMP messages?
>
> Tks,
> Alaerte
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
--
HEAnet Limited
Ireland's Education & Research Network
5 George's Dock, IFSC, Dublin 1, Ireland
Tel: +353.1.6609040
Web: http://www.heanet.ie
Company registered in Ireland: 275301
Please consider the environment before printing this e-mail.
More information about the cisco-nsp
mailing list